def EmptyCurrent(response, request):
    """Forget the stored login for this request (logout helper).

    With the ``Cookie`` login provider the login cookie, whose name is the
    ``LoginProvider`` config value, is deleted on ``response``; with any other
    provider the Django session is cleared instead.  Best-effort: any exception
    is printed and swallowed, so callers get no error signal.
    """
    try:
        current_user = CommonUtils.Current(response, request)
        provider = ParameterService.GetServiceConfig(current_user, 'LoginProvider')
        if provider == 'Cookie':
            # delete_cookie only removes a cookie set with the same path/domain
            # (Django defaults are used on both the set and delete side here).
            response.delete_cookie(provider)
        else:
            request.session.clear()
    except Exception as err:
        print(err)
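def wrapped_function(*args, **kwargs):
    """Permission gate around ``func`` (a closure variable of the enclosing decorator).

    ``args[0]`` is the Django request.  The login blob is read from the signed
    cookie (``Cookie`` provider, salted with ``LoginUserKey``) or from the
    session, AES-decrypted and parsed into a UserInfo to prove it is
    well-formed; ``PublicController.IsAuthorized`` is then asked whether the
    request may run the view for permission ``code`` (also a closure
    variable).  A missing/empty/tampered/undecodable blob or a negative
    authorization answer redirects to ``/Admin/Index/``.

    Fix versus the original: the call to ``func`` itself used to sit inside a
    bare ``try`` that turned every exception raised by the wrapped view into a
    silent redirect, hiding real errors from callers and logs.  Only the
    credential handling is guarded now; view exceptions propagate.
    """
    request = args[0]
    provider = ParameterService.GetServiceConfig(None, 'LoginProvider')
    try:
        if provider == 'Cookie':
            # A missing or tampered cookie raises here and ends in a redirect.
            raw_user = request.get_signed_cookie(
                provider,
                salt=ParameterService.GetServiceConfig(None, 'LoginUserKey'))
        else:
            raw_user = request.session.get(provider)
        if not raw_user:
            return HttpResponseRedirect('/Admin/Index/')
        # The parsed UserInfo is not used further; IsAuthorized works from the
        # request itself.  Parsing only validates the blob.
        json.loads(SecretHelper.AESDecrypt(raw_user),
                   object_hook=UserInfo.json_2_obj)
        authorized = PublicController.IsAuthorized(HttpResponse(), request, code)
    except Exception as err:
        print(err)
        return HttpResponseRedirect('/Admin/Index/')
    if not authorized:
        return HttpResponseRedirect('/Admin/Index/')
    return func(*args, **kwargs)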
def Delete(request):
    """Soft-delete the parameter named by POST ``key`` (empty string when absent).

    The key comes straight from the client and is handed to
    ParameterService.SetDeleted together with the current user; authorization
    and CSRF protection are not visible in this function and are assumed to be
    applied by a decorator/middleware — confirm before exposing the route.

    Returns an HttpResponse whose body is ``{"Success", "Data", "Message"}``:
    Success/'1'/MSG0013 when SetDeleted reports more than zero affected rows,
    otherwise False/'0'/MSG3020.
    """
    key = request.POST.get('key', '')
    current_user = CommonUtils.Current(HttpResponse(), request)
    deleted = ParameterService.SetDeleted(current_user, key) > 0
    payload = {
        'Success': deleted,
        'Data': '1' if deleted else '0',
        'Message': FrameworkMessage.MSG0013 if deleted else FrameworkMessage.MSG3020,
    }
    response = HttpResponse()
    response.content = json.dumps(payload)
    return response
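def __call__(self, *args, **kw):
    """Login-required gate: run ``self.f`` only for requests carrying a valid login blob.

    ``args[0]`` is the Django request.  The blob is read from the signed cookie
    (``Cookie`` provider, salted with ``LoginUserKey``) or from the session,
    AES-decrypted and parsed into a UserInfo.  No permission check is done
    here (unlike the ``code``-based decorator in this file); a well-formed blob
    is enough.  Any failure redirects to ``/Admin/Index/``.

    Fixes versus the original: ``self.f`` is now called outside the ``try``,
    so exceptions raised by the wrapped view are no longer swallowed into a
    redirect; the session branch's temporary exception record stores ``str(e)``
    rather than the exception object.
    """
    request = args[0]
    provider = ParameterService.GetServiceConfig(None, 'LoginProvider')
    try:
        if provider == 'Cookie':
            # A missing or tampered cookie raises here and ends in a redirect.
            raw_user = request.get_signed_cookie(
                provider,
                salt=ParameterService.GetServiceConfig(None, 'LoginUserKey'))
        else:
            raw_user = request.session.get(provider)
        if not raw_user:
            return HttpResponseRedirect('/Admin/Index/')
        # Parsing only validates the blob; the UserInfo is not used further.
        json.loads(SecretHelper.AESDecrypt(raw_user),
                   object_hook=UserInfo.json_2_obj)
    except Exception as err:
        print(err)
        if provider != 'Cookie':
            # TODO: temporary central exception record kept from the original
            # session branch.  Each module should log its own exceptions; this
            # block is slated for removal.
            record = Ciexception()
            record.id = uuid.uuid4()
            record.createon = datetime.datetime.now()
            record.message = str(err)
            ExceptionService.Add(None, record)
        return HttpResponseRedirect('/Admin/Index/')
    return self.f(*args, **kw)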
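def GetEntity(request):
    """Return the parameter selected by POST ``key`` (None when absent) as JSON.

    The entity comes from ParameterService.GetEntity for the current user.
    When that yields nothing, a 404 with an empty body is returned; the
    original called ``.toJSON()`` on None and answered with an HTTP 500.
    """
    key = request.POST.get('key')
    entity = ParameterService.GetEntity(
        CommonUtils.Current(HttpResponse(), request), key)
    if entity is None:
        return HttpResponse(status=404)
    response = HttpResponse()
    response.content = entity.toJSON()
    return response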
def Theme(response, request):
    """Resolve the web theme for the current user and remember it.

    The 'WebTheme' user parameter is read for the user stored on the request;
    anonymous requests and empty parameters fall back to ``"default"``.  The
    result is written to ``request.session['theme']`` and to a signed
    ``theme`` cookie (lifetime ``CookieMaxAge`` seconds, salt ``LoginUserKey``)
    and returned.
    """
    theme_name = "default"
    current_user = CommonUtils.Current(response, request)
    if current_user:
        theme_name = ParameterService.GetParameter(
            current_user, 'User', current_user.Id, 'WebTheme') or 'default'
    request.session['theme'] = theme_name
    max_age = int(ParameterService.GetServiceConfig(current_user, 'CookieMaxAge'))
    salt = ParameterService.GetServiceConfig(current_user, 'LoginUserKey')
    response.set_signed_cookie('theme', theme_name, max_age=max_age, salt=salt)
    return theme_name
def UIStyle(userInfo, response, request):
    """Resolve the navigation style for ``userInfo`` and remember it.

    The 'NavType' user parameter is read for ``userInfo.Id`` (errors fall back
    to ``"AccordionTree"``); a falsy ``userInfo`` yields the default without a
    lookup.  Unlike Theme(), an empty stored value is passed through unchanged.
    The result is written to ``request.session['UIStyle']`` and to a signed
    ``UIStyle`` cookie (lifetime ``CookieMaxAge`` seconds, salt ``LoginUserKey``)
    and returned.
    """
    nav_style = "AccordionTree"
    current_user = CommonUtils.Current(response, request)
    if userInfo:
        try:
            nav_style = ParameterService.GetParameter(
                current_user, 'User', userInfo.Id, 'NavType')
        except Exception:
            nav_style = 'AccordionTree'
    request.session['UIStyle'] = nav_style
    max_age = int(ParameterService.GetServiceConfig(current_user, 'CookieMaxAge'))
    salt = ParameterService.GetServiceConfig(current_user, 'LoginUserKey')
    response.set_signed_cookie('UIStyle', nav_style, max_age=max_age, salt=salt)
    return nav_style
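def GridPageListJson(request):
    """Return one page of parameters for the grid as ``{"total": n, "rows": [...]}``.

    POST fields, all optional: ``page`` (default 1), ``rows`` (default 20),
    ``sort`` (default 'sortcode'), ``order`` ('asc'/'desc', default 'asc') and
    ``filter`` (grid filter expression, translated by
    SearchFilter.TransfromFilterToSql).  Rows are serialised with DateEncoder.

    Security: ``sort`` and ``order`` are concatenated into the ORDER BY string
    that ParameterService.GetDTByPage receives, and ``filter`` is turned into
    SQL by SearchFilter; whether those are parameterised is not visible here.
    This view therefore accepts ``order`` only as asc/desc and ``sort`` only as
    a (optionally dotted) identifier, falling back to the defaults otherwise.
    Widen the pattern if the grid legitimately sends other column spellings.
    """
    import re

    post = request.POST
    page = post.get('page', 1)
    rows = post.get('rows', 20)
    sort = post.get('sort', 'sortcode')
    order = post.get('order', 'asc')
    filter_expr = post.get('filter', '')
    if order.lower() not in ('asc', 'desc'):
        order = 'asc'
    if not re.fullmatch(r'[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?', sort):
        sort = 'sortcode'

    response = HttpResponse()
    record_count, parameter_table = ParameterService.GetDTByPage(
        CommonUtils.Current(response, request),
        SearchFilter.TransfromFilterToSql(filter_expr, False),
        rows, sort + ' ' + order)
    rows_json = ', '.join(
        json.dumps(parameter, cls=DateEncoder)
        for parameter in parameter_table.page(page))
    response.content = '{"total": ' + str(record_count) + ', "rows":[' + rows_json + ']}'
    return response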
def Current(response, request):
    """Return the UserInfo stored for this request, or None.

    The login blob is read from the signed cookie named after the
    ``LoginProvider`` config value (``Cookie`` provider, salt ``LoginUserKey``)
    or from the session under the same name, AES-decrypted and parsed with
    UserInfo.json_2_obj.  Any failure yields None; only the session branch
    prints the exception.  ``response`` is accepted but not used.
    """
    provider = ParameterService.GetServiceConfig(None, 'LoginProvider')
    cookie_mode = provider == 'Cookie'
    try:
        if cookie_mode:
            raw_user = request.get_signed_cookie(
                provider,
                salt=ParameterService.GetServiceConfig(None, 'LoginUserKey'))
        else:
            raw_user = request.session.get(provider)
        decrypted = SecretHelper.AESDecrypt(raw_user)
        return json.loads(decrypted, object_hook=UserInfo.json_2_obj)
    except Exception as err:
        if not cookie_mode:
            print(err)
        return None
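def UpdateUserConfig(request):
    """Save the current user's grid page size, theme and navigation type.

    Reads POST ``themeJson`` — a JSON object with ``gridRows``,
    ``theme.name`` and ``navType`` — and stores each non-empty value as a
    'User' parameter (WebPageSize, WebTheme, NavType) through
    ParameterService.SetParameter.  Theme and nav type are also mirrored into
    the signed ``theme`` / ``UIStyle`` cookies (lifetime ``CookieMaxAge``,
    salt ``LoginUserKey``).

    Plain-text responses (unchanged): '1' on success, '保存失败!' when nothing
    was saved or the input is unusable, '无保存数据!' when ``themeJson`` is
    missing or empty.

    Changes versus the original: a missing ``themeJson`` key, malformed JSON or
    missing fields no longer raise (HTTP 500); a request without a current user
    is rejected instead of failing on ``vUser.Id``; and ``gridRows`` must be a
    non-negative integer because the stored value is echoed back as a bare JSON
    number by GetDefaultConfig.
    """
    response = HttpResponse()
    theme_json = request.POST.get('themeJson')
    if not theme_json:
        response.content = "无保存数据!"
        return response
    current_user = CommonUtils.Current(response, request)
    if current_user is None:
        response.content = '保存失败!'
        return response
    try:
        payload = json.loads(theme_json)
        page_size = str(payload['gridRows'])
        theme_name = str(payload['theme']['name'])
        nav_type = str(payload['navType'])
    except (ValueError, KeyError, TypeError):
        response.content = '保存失败!'
        return response
    if page_size and not page_size.isdigit():
        response.content = '保存失败!'
        return response

    cookie_max_age = int(ParameterService.GetServiceConfig(current_user, 'CookieMaxAge'))
    cookie_salt = ParameterService.GetServiceConfig(current_user, 'LoginUserKey')
    saved = 0
    if page_size:
        saved += ParameterService.SetParameter(
            current_user, "User", current_user.Id, "WebPageSize", page_size)
    if theme_name:
        saved += ParameterService.SetParameter(
            current_user, "User", current_user.Id, "WebTheme", theme_name)
        response.set_signed_cookie('theme', theme_name,
                                   max_age=cookie_max_age, salt=cookie_salt)
    if nav_type:
        saved += ParameterService.SetParameter(
            current_user, "User", current_user.Id, "NavType", nav_type)
        response.set_signed_cookie('UIStyle', nav_type,
                                   max_age=cookie_max_age, salt=cookie_salt)
    response.content = '1' if saved > 0 else '保存失败!'
    return response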
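def AddCurrent(user, response, request):
    """Store the login state for ``user`` on the response or session.

    Args:
        user (UserInfo): the authenticated user; serialised with
            UserInfo.obj_2_json, AES-encrypted by SecretHelper and kept as a
            utf-8 string.
        response: HttpResponse that receives the login cookie (Cookie provider).
        request: request whose session receives the blob (other providers).

    Cookie provider: a signed cookie named after the ``LoginProvider`` config
    value, salted with ``LoginUserKey``, lifetime ``CookieMaxAge`` seconds.
    Fix versus the original: the cookie is now ``httponly`` so page scripts
    cannot read the login blob (an XSS would otherwise be able to exfiltrate
    it); the blob is encrypted and signed, so scripts have no legitimate use
    for it.  ``secure``/``samesite`` are left to the project's cookie settings
    because it is not known here whether the site is served over HTTPS.
    Other providers: the blob is stored in the session under the same name and
    the session expiry is set to ``CookieMaxAge`` seconds.
    Best-effort: exceptions are printed and swallowed (unchanged).
    """
    try:
        current_user = CommonUtils.Current(response, request)
        provider = ParameterService.GetServiceConfig(current_user, 'LoginProvider')
        max_age = int(ParameterService.GetServiceConfig(current_user, 'CookieMaxAge'))
        blob = SecretHelper.AESEncrypt(json.dumps(user, default=UserInfo.obj_2_json))
        blob = str(blob, encoding="utf8")
        if provider == 'Cookie':
            response.set_signed_cookie(
                provider, blob, max_age=max_age,
                salt=ParameterService.GetServiceConfig(current_user, 'LoginUserKey'),
                httponly=True)
        else:
            request.session[provider] = blob
            request.session.set_expiry(max_age)
    except Exception as err:
        print(err)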
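def GetDefaultConfig(request):
    """Return the current user's UI settings as JSON for the settings dialog.

    Reads the 'WebTheme', 'WebPageSize' and 'NavType' user parameters and
    answers ``{"theme": {"title": "默认皮肤", "name": ..., "selected": true},
    "gridRows": <int>, "navType": ...}`` with defaults 'default', 20 and
    'AccordionTree'.  With the ``Cookie`` login provider a stored theme is also
    mirrored into the signed ``theme`` cookie.

    Fixes versus the original: the body is produced by ``json.dumps`` instead
    of string concatenation, so a stored theme/nav type containing quotes or
    backslashes (they are user-supplied via UpdateUserConfig) can no longer
    break or inject into the JSON; a non-numeric stored page size falls back to
    20 instead of emitting invalid JSON; and a request without a current user
    gets the defaults instead of an AttributeError.
    """
    response = HttpResponse()
    current_user = CommonUtils.Current(response, request)
    cur_theme = cur_page_size = cur_nav_type = None
    if current_user is not None:
        cur_theme = ParameterService.GetParameter(current_user, "User", current_user.Id, "WebTheme")
        cur_page_size = ParameterService.GetParameter(current_user, "User", current_user.Id, "WebPageSize")
        cur_nav_type = ParameterService.GetParameter(current_user, "User", current_user.Id, "NavType")

    if cur_theme and ParameterService.GetServiceConfig(current_user, 'LoginProvider') == 'Cookie':
        response.set_signed_cookie(
            'theme', cur_theme,
            max_age=int(ParameterService.GetServiceConfig(current_user, 'CookieMaxAge')),
            salt=ParameterService.GetServiceConfig(current_user, 'LoginUserKey'))

    try:
        grid_rows = int(cur_page_size) if cur_page_size else 20
    except (TypeError, ValueError):
        grid_rows = 20
    config = {
        "theme": {"title": "默认皮肤", "name": cur_theme or "default", "selected": True},
        "gridRows": grid_rows,
        "navType": cur_nav_type or "AccordionTree",
    }
    # ensure_ascii=False keeps the Chinese title literal, as the original output did.
    response.content = json.dumps(config, ensure_ascii=False)
    return response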
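def _RecordPasswordFailure(userEntity, userLogOnEntity):
    """Bump the failed-password counter and apply the lockout policy.

    When the counter reaches SystemInfo.PasswordErrorLockLimit: a lock cycle of
    0 disables the account and sends it back to audit (WaitForAudit); otherwise
    the account is locked for PasswordErrorLockCycle minutes.  Below the limit
    only the counter is persisted.  (Unchanged from the original: when a lock is
    applied the incremented counter itself is not written back.)

    TODO (from the original): write an access-log entry for the failure, count
    failures over the last 24 hours, and clear an expired lock state on login.
    """
    userLogOnEntity.passworderrorcount = userLogOnEntity.passworderrorcount + 1
    limit = SystemInfo.PasswordErrorLockLimit
    if limit > 0 and userLogOnEntity.passworderrorcount >= limit:
        if SystemInfo.PasswordErrorLockCycle == 0:
            Piuser.objects.filter(id=userEntity.id).update(
                enabled=0, auditstatus=AuditStatus.WaitForAudit)
        else:
            now = datetime.datetime.now()
            userLogOnEntity.lockstartdate = now
            userLogOnEntity.lockenddate = now + datetime.timedelta(
                minutes=SystemInfo.PasswordErrorLockCycle)
            Piuserlogon.objects.filter(id=userEntity.id).update(
                lockstartdate=userLogOnEntity.lockstartdate,
                lockenddate=userLogOnEntity.lockenddate)
    else:
        Piuserlogon.objects.filter(id=userEntity.id).update(
            passworderrorcount=userLogOnEntity.passworderrorcount)


def LogOn(userName, password, openId=None, createNewOpenId=False,
          ipAddress=None, macAddress=None, checkUserPassword=True):
    """Authenticate ``userName``/``password`` and build the session UserInfo.

    Args:
        userName: login name; only non-deleted Piuser rows are considered.
        password: submitted password.  With ``checkUserPassword`` and
            SystemInfo.EnableEncryptServerPassword it is AES-encrypted before
            comparison with the stored value.
        openId: caller's current OpenId, used to recognise a re-login by the
            same session under the single-login rule.
        createNewOpenId: force a fresh OpenId on success (also forced when the
            user has none).
        ipAddress, macAddress: client addresses; checked against the user's
            IP/MAC restrictions and stored on the logon row on success.
        checkUserPassword: whether to apply the server-side password
            encryption step before comparing (its only effect, as in the
            original).

    Returns:
        ``(status, userInfo)`` where status is a StatusCode.statusCodeDic value
        (or AuditStatus.WaitForAudit) and is ``OK`` on success; ``userInfo`` is
        populated by LogOnService.ConvertToUserInfo only on success.

    Checks, in order: online-user limit; lookup; audit status; disabled /
    dimission; for accounts other than 'Administrator' the allowed time-of-day
    window, the lock window, IP/MAC restrictions and the single-login rule;
    then the password (lockout bookkeeping on failure); then visit/OpenId
    bookkeeping.  When EnableCheckPasswordStrength is on, "not found" and
    "wrong password" both map to the generic ErrorLogOn so callers cannot
    enumerate accounts.

    Fixes versus the original:
      * the online-limit path returned a bare ``userInfo`` instead of the
        ``(status, userInfo)`` pair every other path returns;
      * the lock-window test was ``lockenddate or now < lockenddate``, which
        kept an account locked forever once an end date existed and raised
        TypeError when there was none — it is now "no end date, or end date
        still in the future";
      * the password comparison only ran when BOTH the stored and the
        submitted password were non-empty, so submitting an empty password
        logged into any account without a check.  It now always runs, with
        null/empty treated as equal as the original comment intended;
      * the unused ``realName`` local and the ``UserInfo`` class-attribute
        references were dropped (see the note at step 10).

    Review notes (unchanged behaviour): passwords are stored AES-encrypted
    (reversible) and compared with ``==`` rather than a salted slow hash and
    constant-time compare; the submitted (possibly encrypted) password is kept
    on ``userInfo.Password``, which AddCurrent serialises into the login
    cookie/session; the MAC restriction is validated with the IP checker;
    Piuserlogon.objects.get raises DoesNotExist when the logon row is missing.
    """
    userInfo = UserInfo()
    if ipAddress:
        userInfo.IPAddress = ipAddress
    if macAddress:
        userInfo.MACAddress = macAddress

    # 01. Online-user limit.
    if SystemInfo.OnLineLimit > 0 and LogOnService.CheckOnLineLimit():
        return StatusCode.statusCodeDic['ErrorOnLineLimit'], userInfo

    # 02. Default status when the user is not found.
    if SystemInfo.EnableCheckPasswordStrength:
        ReturnStatusCode = StatusCode.statusCodeDic['ErrorLogOn']
    else:
        ReturnStatusCode = StatusCode.statusCodeDic['UserNotFound']

    # 03. Look the user up; deleted users are excluded.
    # TODO (from the original): fall back to employee number / e-mail / phone
    # when there is no match by user name.
    dataTable = Piuser.objects.filter(Q(deletemark=0) & Q(username=userName))
    matches = dataTable.count()
    if matches > 1:
        return StatusCode.statusCodeDic['UserDuplicate'], userInfo
    if matches == 0:
        return ReturnStatusCode, userInfo

    # 05. Account state.
    userEntity = dataTable[0]
    if userEntity.auditstatus and userEntity.auditstatus.endswith(AuditStatus.WaitForAudit):
        return AuditStatus.WaitForAudit, userInfo
    if userEntity.isdimission == 1 or userEntity.enabled == 0:
        return StatusCode.statusCodeDic['LogOnDeny'], userInfo
    if userEntity.enabled == -1:
        return StatusCode.statusCodeDic['UserNotActive'], userInfo

    userLogOnEntity = Piuserlogon.objects.get(id=userEntity.id)

    if (not userEntity.username) or (userEntity.username != 'Administrator'):
        now = datetime.datetime.now()

        # 06. Allowed login time window: stored times of day projected onto today.
        if userLogOnEntity.allowendtime:
            userLogOnEntity.allowendtime = datetime.datetime(
                now.year, now.month, now.day,
                userLogOnEntity.allowendtime.hour,
                userLogOnEntity.allowendtime.minute,
                userLogOnEntity.allowendtime.second)
        if userLogOnEntity.allowstarttime:
            userLogOnEntity.allowstarttime = datetime.datetime(
                now.year, now.month, now.day,
                userLogOnEntity.allowstarttime.hour,
                userLogOnEntity.allowstarttime.minute,
                userLogOnEntity.allowstarttime.second)
            if now < userLogOnEntity.allowstarttime:
                return StatusCode.statusCodeDic['UserLocked'], userInfo
        if userLogOnEntity.allowendtime and now > userLogOnEntity.allowendtime:
            return StatusCode.statusCodeDic['UserLocked'], userInfo

        # 07. Lock window: locked from lockstartdate until lockenddate; no end
        # date means locked until an administrator clears it.
        if userLogOnEntity.lockstartdate and now > userLogOnEntity.lockstartdate:
            if userLogOnEntity.lockenddate is None or now < userLogOnEntity.lockenddate:
                return StatusCode.statusCodeDic['UserLocked'], userInfo

        # 08. IP / MAC restrictions.  The username/code clause is kept from the
        # original although it is always true inside this non-Administrator branch.
        if (SystemInfo.EnableCheckIPAddress and userLogOnEntity.checkipAddress == 1
                and (userEntity.username != 'Administrator' or userEntity.code == 'Administrator')):
            if ipAddress and ParameterService.Exists(userEntity.id, 'IPAddress'):
                if not CheckIPAddress.CheckIPAddress(ipAddress, userEntity.id):
                    return StatusCode.statusCodeDic['ErrorIPAddress'], userInfo
            # No MAC restriction configured means no MAC check.
            if macAddress and ParameterService.Exists(userEntity.id, 'MacAddress'):
                if not CheckIPAddress.CheckIPAddress(macAddress, userEntity.id):
                    return StatusCode.statusCodeDic['ErrorMacAddress'], userInfo

        # 10. Single-login rule: reject when the user is already online unless
        # it is the same session (matching OpenId).  NOTE(review): the original
        # compared ``UserInfo.Id`` (the class) with the entity id — a leftover
        # of the C# "current operator" concept; the fresh ``userInfo`` is used
        # here, which behaves the same unless UserInfo carries a class-level Id.
        if userInfo.Id != userEntity.id:
            if (SystemInfo.CheckOnLine and userLogOnEntity.multiuserlogin == 0
                    and userLogOnEntity.useronline > 0):
                isSelf = bool(openId) and bool(userLogOnEntity.openid) \
                    and userLogOnEntity.openid == openId
                if not isSelf:
                    return StatusCode.statusCodeDic['ErrorOnLine'], userInfo

    # 04. Server-side password encryption before comparison.
    if checkUserPassword and SystemInfo.EnableEncryptServerPassword:
        password = SecretHelper.AESEncrypt(password).decode()

    # 11. Password check; null and empty are treated as equal.
    if not userLogOnEntity.userpassword:
        userPasswordOK = not password
    else:
        userPasswordOK = bool(password) and userLogOnEntity.userpassword == password
    if not userPasswordOK:
        _RecordPasswordFailure(userEntity, userLogOnEntity)
        if SystemInfo.EnableCheckPasswordStrength:
            return StatusCode.statusCodeDic['ErrorLogOn'], userInfo
        return StatusCode.statusCodeDic['PasswordError'], userInfo

    # 12. Reset the failure counter and remember the client's addresses.
    userLogOnEntity.passworderrorcount = 0
    if ipAddress:
        userLogOnEntity.ipaddress = ipAddress
    if macAddress:
        userLogOnEntity.macaddress = macAddress
    Piuserlogon.objects.filter(id=userEntity.id).update(
        passworderrorcount=0, ipaddress=ipAddress, macaddress=macAddress)
    ReturnStatusCode = StatusCode.statusCodeDic['OK']

    # 13. Build the session UserInfo.
    userInfo = LogOnService.ConvertToUserInfo(userInfo, userEntity, userLogOnEntity)
    userInfo.IPAddress = ipAddress
    userInfo.MACAddress = macAddress
    userInfo.Password = password
    userInfo.IsAdministrator = PermissionService.IsAdministrator(userEntity)

    # Visit bookkeeping; a new OpenId is issued when the user has none or the
    # caller asked for one.
    if not userInfo.OpenId:
        createNewOpenId = True
    if createNewOpenId:
        userInfo.OpenId = LogOnService.UpdateVisitDate(userEntity.id, createNewOpenId)
    else:
        LogOnService.UpdateVisitDate(userEntity.id, createNewOpenId)
    return ReturnStatusCode, userInfo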
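def _ParameterFormResult(response, success, message):
    """Write the form's JSON envelope ``{Success, Data, Message}`` into ``response``."""
    response.content = json.dumps({
        'Success': success,
        'Data': '1' if success else '0',
        'Message': message,
    })
    return response


def SubmitForm(request):
    """Create or update a Ciparameter from the posted form.

    GET ``key`` selects the mode.  Absent/empty: a new parameter is built from
    the request via ``loadJson``, given a fresh uuid, ``deletemark=0``,
    ``enabled=1`` and the current user's audit fields, then passed to
    ParameterService.Add (OKAdd → success; ErrorCodeExist → '编码或名称重复';
    anything else → the service's message).  Otherwise the existing entity is
    loaded, overlaid with the posted fields and passed to
    ParameterService.Update (OKUpdate → success).

    Returns an HttpResponse whose body is ``{"Success", "Data", "Message"}``;
    any unexpected exception is printed and reported as FrameworkMessage.MSG3020.

    Changes versus the original: the bare ``except:`` around the GET lookup is
    gone; the create path rejects a request without a current user up front
    (it used to crash on ``curUser.RealName`` and then report the generic
    failure); response building is shared.  Unchanged and worth confirming:
    the update path still proceeds when no current user is resolved
    (presumably the login decorator guarantees one), and ``modifiedon`` is a
    formatted string on create but a datetime on update.
    """
    response = HttpResponse()
    try:
        key = request.GET.get('key')
        curUser = CommonUtils.Current(response, request)
        if not key:
            if curUser is None:
                return _ParameterFormResult(response, False, FrameworkMessage.MSG3020)
            now_text = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
            parameter = Ciparameter().loadJson(request)
            parameter.id = uuid.uuid4()
            parameter.deletemark = 0
            parameter.createon = now_text
            parameter.createby = curUser.RealName
            parameter.createuserid = curUser.Id
            parameter.modifiedon = now_text
            parameter.modifiedby = curUser.RealName
            parameter.enabled = 1
            returnCode, returnMessage, _ = ParameterService.Add(curUser, parameter)
            if returnCode == StatusCode.statusCodeDic['OKAdd']:
                return _ParameterFormResult(response, True, returnMessage)
            if returnCode == StatusCode.statusCodeDic['ErrorCodeExist']:
                return _ParameterFormResult(response, False, '编码或名称重复')
            return _ParameterFormResult(response, False, returnMessage)

        parameter = ParameterService.GetEntity(curUser, key)
        if not parameter:
            return _ParameterFormResult(response, False, "修改失败!")
        parameter = parameter.loadJson(request)
        if curUser:
            parameter.modifiedby = curUser.RealName
            parameter.modifieduserid = curUser.Id
            parameter.modifiedon = datetime.datetime.now()
        returnCode, returnMessage = ParameterService.Update(curUser, parameter)
        return _ParameterFormResult(
            response, returnCode == StatusCode.statusCodeDic['OKUpdate'], returnMessage)
    except Exception as err:
        print(err)
        return _ParameterFormResult(HttpResponse(), False, FrameworkMessage.MSG3020)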